The Security Easy Button. Block Threats in Real Time.

Menu

An entire BGP AS appears to have been hijacked by cybercriminals who are now using it as a source of spam. ThreatSTOP has therefore added the IP netblocks in this AS* to our emergency feed which will block these addresses for 24 hours. It seems likely that during this time the AS and associated netblocks will be returned to proper control but if not we will either maintain them in the emergency feed or place them in one of our standard lists.

Share this:

Via my friends at Control Global, I've found and started to read the summary analysis of the STUXNET worm by Ralph Langner. Langner shows what looks like fairly strong circumstantial evidence that STUXNET was a deliberate cyberwar attack - presumably on the Iranian nuclear program, with possible spin offs to also affect nuclear research in other countries as well. Politically, this is fascinating stuff, but as this blog is about cyber security I prefer to look at some of the security issues it raises.

Share this:

There are times when I disagree strongly with Steve Jobs, and times when I think he may just have a point. The point in question being his dislike of Adobe's Flash. Flash, and Adobe Reader, are in the news again because of yet another security hole that's being actively exploited by the bad guys while Adobe can only promise to fix its code sometime the week after next.

Share this:

Recently I blogged that we had added the abuse.ch ZeuS Tracker botnet list as a block list source. Last week we confirmed that it worked by seeing that our customers had connections to addresses on that list that were blocked by ThreatSTOP, and which came from systems later confirmed to be infected.